Re: Folder Security

• Previous message: Joe Richards [MVP]: "Re: Custom Delegation in AD"
• In reply to: Steven L Umbach: "Re: Folder Security"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Sat, 25 Sep 2004 10:08:42 -0400

Agreed. I think there are some additional articles on how to enable NTFS
file and folder auditing here. Do note that it is a two step process:
enable file auditing on the machine, and then edit the security properties
auditing settings on the folders in question.

http://securityadmin.info/faq.asp#auditing

"Steven L Umbach" <n9rou@nospam-comcast.net> wrote in message
news:OGM9MCmoEHA.648@tk2msftngp13.phx.gbl...
> You can enable auditing of object access on the computer and then audit
the top
> folder from where these folders are being deleted. I would audit just the
delete
> permission and apply onto this folder and subfolders only and avoid using
everyone as
> the group to audit. Then when a folder is delete Event ID's 560 and 562
will be
> generated in pairs by timestamp in the security log that will help you
find who is
> deleting the folders.
>
> http://support.microsoft.com/default.aspx?scid=kb;en-us;301640
>
> I would check your permissions for users. You might be able to use special
> permissions to help your problem. If you just want users to write files
and folders
> to the top folder for instance give them read/list/execute/write
permissions for the
> folder. Then if you want them to be able to delete subfolders and files,
go into
> advanced permissions and add the user group again and select subfolders
and files and
> give them the needed permissions. Advanced permissions are very flexible.
The trick
> is to realize a group can have multiple advanced permissions and to use
the "apply
> onto" selection to fine tune your permissions as to if they should apply
to this
> folder subfolder and files, this folder only, files only, subfolders and
files only,
> etc.
>
> You might also be able to take advantage of the Shadow Volume feature
available on
> Windows 2003 Server. Their is a client component required on XP Pro and
W2K
> computers. See the link below for more info. --- Steve
>
>
http://www.microsoft.com/windowsserver2003/technologies/fileandprint/file/vds/default.mspx
>
> "Eric Graham" <egraham22@yahoo.com> wrote in message
> news:O%23j6SvloEHA.3460@tk2msftngp13.phx.gbl...
> >I have a shared folder on Server 2003 that has had some folders
disappering
> > out of it, luckily I have been able to pull them off of backup tapes.
Is
> > there any way to tell who deleted the folder, what security setting can
I
> > set to keep people from deleting folders and files from the top level of
> > this shared drive?
> >
> > Thanks
> > Eric
> >
> >
>
>

• Previous message: Joe Richards [MVP]: "Re: Custom Delegation in AD"
• In reply to: Steven L Umbach: "Re: Folder Security"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]